Ref

# 

TT 


f 


Hits 
18 


Search Query 

(((byzantine with fault) not
(byzantine with group)) not
(((byzantine with fault) not




DBs

US-PGPUB; 
USPAT; 
EPO; JPO; 


Default
Operator

OR


Plurals
ON


Time Stamp
2005/10/28 19:38


li 


2 

1 




1 

84 


1

1 


(byzantine with group)) and
director$3)) and (distribut$3 with
computer$1)

(distribut$3 with file with system)
and (((byzantine with fault) not
(byzantine with group)) not
(((byzantine with fault) not
(byzantine with group)) and
director$3))

byzantine with fault 


DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 

IBM_TDB

US-PGPUB; 
USPAT; 


OR 

OR 






ON 

2005/10/28 19:39




















EPO; JPO; 
DERWENT; 

IBM_TDB
















L4


17 


1 


byzantine with group 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM TDB 


OR 


ON 


2005/10/28 19:39




L5


111 7 


((byzantine with fault) not
(byzantine with group)) and
director$3


US-PGPUB;
USPAT;
EPO; JPO; 








js/iv/zu iy: 




L6
L7




29 

1


(((distribut$3 with file with
system) and director$3) and
(hierarch$5 with namespace)) and
(director$3 with entr$3)

(((distribut$3 with file with


DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB;


OR 

ON
ON


2005/10/28 19:40
2005/10/28 19:41








system) and director$3) and
(hierarch$5 with namespace)) not
((((distribut$3 with file with
system) and director$3) and


USPAT;
EPO; JPO;
DERWENT;
IBM_TDB














L10 




34 


(hierarch$5 with namespace)) and
(director$3 with entr$3))) and
(distribut$3 with computers)

(((distribut$3 with file with 
system) and director$3) and 
(hierarch$5 with namespace)) not 
((((distribut$3 with file with 
system) and director$3) and 
(hierarch$5 with namespace)) and 
(director$3 with entr$3)) 


US-PGPUB; 
USPAT; 
EPO; JPO; 

DERWENT;
IBM_TDB


OR 




ON 


2005/10/28 19:42
L11
L12 


44 



(serverless with distribut$3) and 
director$3 

"global file" and serverless : 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 


OR 
OR 


ON 


2005/10/28 19:42 
2005/10/28 19:42 














DERWENT; 
IBM TDB 










L13 
L14 


8 
71 


(serverless with distribut$3) and 
director$3 and Byzantine 

serverless with distribut$3




US-PGPUB; 

USPAT; 

EPO; JPO; 

DERWENT; 
IBM_TDB

US-PGPUB;
USPAT; 
EPO; JPO; 


OR 
OR 


ON 



2005/10/28 19:43 
2005/10/28 19:43 


L15 

SBlli 


8 
4 


(byzantine and directory) and 
serverless 

(delegat$3 with certificate) and 
(hierarchical with namespace)




DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM.TDB 


OR 





ON 


2005/10/28 19:43
2005/10/28 19:44


L17 


4 


(delegat$3 with certificate) and 
(delegat$3 with subtree) 


OR






ON 


2005/10/28 19:45


Ell 


: 266? 


delegat$3 with certificate 




US-PGPUB; 


2005/10/28 19:










USPAT; 
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


















L19 


137 


L18 and (digital$2 with sign$3) 




OR 




ON 




2005/10/28 19:46


L20 


27


and namespace 






US-PGPUB; 


2005/10/28 19:46














USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB
L21



27 



L19 and namespace 



L21 and (computer$1 with
hierarch$4)



US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM TDB 



OR 



ON



ON



2005/10/28 19:46 



2005/10/28 19:46 



L23 



111241! 



L25 



S1



S2 



S3



S4 



S5 



398



(delegat$3 with certificate) and 
(delegat$3 with tree) 



hierarch$4 with namespace$1



16 



6143 



L24 and (digital$2 with
certificate$1)



distribut$3 with file with system



11 



byzantine with group 



12



byzantine with fault



63 



(byzantine with fault) not 
(byzantine with group) 



((byzantine with fault) not
(byzantine with group)) and
director$3



US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM.TDB 

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB 

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB; 
USPAT; 
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM.TDB 

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB; 
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB



OR 



OR



OR



OR



OR



OR



OR 



OR 



ON 



ON 



ON 



ON



ON



ON



ON 



ON 



2005/10/28 19:47 



2005/10/28 19:47 



2005/10/28 19:47 



2004/06/18 16:22



2005/10/28 19:39 



2005/10/28 19:39 



2004/06/17 19:06 



2005/10/28 19:39
S6


1 


(distribut$3 with file with system) 
and (((byzantine with fault) not 
(byzantine with group)) not
(((byzantine with fault) not 
(byzantine with group)) and 
director$3)) 


US-PGPUB; 
USPAT; 

EPO; JPO;

DERWENT; 
IBM_TDB 


OR 


ON 


2005/10/28 19:39 


S7 


57 


((byzantine with fault) not 
(byzantine with group)) not 
(((byzantine with fault) not 


US-PGPUB;
USPAT;
EPO; JPO;


SHSSSSl 


ON 


1 1200} 


VG6/ 


17 V 


9 


ill 


S8 


17 


(byzantine with group)) and 
director$3)

(((byzantine with fault) not 
(byzantine with group)) not 

(((byzantine with fault) not
(byzantine with group)) and
director$3)) and (distribut$3 with
computer$1)


DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;

DERWENT; 
IBM_TDB 


OR 


ON 


2005/10/28 19:38 


S9 




distribut$3 with file with system


US-PGPUB;
USPAT;
EPO; JPO;


OR 


ON 


2004/06/18 16:22






S10 


2207 
52 


(distribut$3 with file with system) 
and director$3 


DERWENT; 
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
IBM_TDB


OR 
OR 



ON 


2004/06/18 16:23 


:: V.A A::::: 


((distribut$3 with file with system)
and director$3) and (hierarch$5


US-PGPUB;
USPAT;








10 1 










with namespace) 




EPO; JPO; 




























DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB
















S12 


22 


(((distribut$3 with file with 
system) and director$3) and 
(hierarch$5 with namespace)) and 
(director$3 with entr$3) 


OR 


ON 


2005/10/28 19:41 




30 


(((distribut$3 with file with
system) and director$3) and
(hierarch$5 with namespace)) not


US-PGPUB;
USPAT;
EPO; JPO;


2005/10/28 19:42
















((((distribut$3 with file with 
system) and director$3) and
(hierarch$5 with namespace)) and
(director$3 with entr$3))

((((distribut$3 with file with 
system) and director$3) and 
(hierarch$5 with namespace)) not 
((((distribut$3 with file with
system) and director$3) and 
(hierarch$5 with namespace)) and 
(director$3 with entr$3))) and 
(distribut$3 with computers) 


DERWENT;
IBM_TDB
























































S14 


27 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 

IBM_TDB 


OR 


ON 


2005/10/28 19:41
S15
S16


21 

7 


(serverless with distribut$3) and 
director$3 

Farsite 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB; 

USPAT;

EPO; JPO; 


OR 
OR 


ON 
ON 


2005/10/28 19:42 

;2004/06/21;18:2iB:: 








DERWENT; 
IBM TDB 


















S17 

2

198


"global file stores" 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


OR 





ON 
ON 




2004/06/21 18:29 
2004/06/21 18:29 


S19 


12 


"global file" and serverless 


OR 




ON 




2005/10/28 19:42 


S20




6 


(serverless with distribut$3) and
director$3 and Byzantine


US-PGPUB;


2005/10/28 19:43














USPAT;
EPO; JPO;
























DERWENT; 
IBM_TDB














S21 





29 

2 


serverless with distribut$3
("6067545").PN.




US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB;


OR 

ON


2005/10/28 19:43
2004/06/24 11:25














USPAT;
USOCR;
EPO; JPO;






























DERWENT; 

IBM_TDB






















































S23 

1

0


(("6067545").PN.) and director$3 
and serverless 

((("6067545").PN.) and 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB;


OR


ON




2004/06/24 11:38 






director$3) and distribut$3 and
file$1 and hierarchical


USPAT;
EPO; JPO;
DERWENT;
IBM_TDB
S25



1 


((("6067545").PN.) and 
director$3) and distribut$3 and 
file$1

(((("6067545").PN.) and
director$3) and distribut$3 and
file$1) and lock




US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB;
USPAT;
EPO; JPO;


OR


ON
ON


2004/06/24 11:27
2004/06/24 11:27


S27 
S28 


1 

0


(("6067545").PN.) and serverless
byzantine and directory


DERWENT;

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;


OR 
OR 


ON 
ON 


2004/06/24 12:39 
2004/06/24 12:39


S29 

41


byzantine and directory 

(byzantine and directory) and
serverless 


DERWENT; 
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


OR 

OR 


ON 

2004/06/24 12:39
2005/10/28 19:43


S31 

35


(byzantine and directory) not 
((byzantine and directory) and 
serverless) 

((byzantine and directory) not
((byzantine and directory) and 




OR 

OR


ON


2004/06/24 12:40
2004/06/24 12:41


S33 




198 


serverless)) and distribut$3 
delegat$3 with certificate 




OR 


ON 




2005/02/08 15:40 


S34 




2 


(delegat$3 with certificate) and
(hierarchical with namespace)


US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


OR


ON 




2005/10/28 19:44
S36


2 

50236 


(delegat$3 with certificate) and 
(delegat$3 with subtree) 

open with lock


US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB; 
USPAT; 
EPO; JPO; 


OR 
OR 


ON 



2005/10/28 19:45 
2004/06/25 13:55 


S39 

S40


4


(open with lock) and serverless
insert with lock


IdMWeBI 

IBM TDB 

US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
EPO; JPO;
DERWENT;
IBM_TDB


OR 



ON 
ON 


2005/02/08 18:38 
2004/06/25 13:59 


S41 


2 


(insert with lock) and serverless 


OR 


ON 


2004/06/25 13:55 


iiiii I 


2631 


(open with lock)
and (insert with
lock)


US-PGPUB;
USPAT;


OR


ON


2004/06/25 13:59












EPO; JPO; 

DERWENT; 

IBM_TDB






































S43 


15 


((open with lock) and (insert with 
lock)) and director$3 


US-PGPUB; 

USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


OR 




ON 


2004/06/25 14:05 


ISII i 


1712 


•Jnseft.ibekfll | : l ||| : |]|| f; 


US-PGPUB; 


OR 




ON


2004/06/25 14:06 








USPAT; 
EPO; JPO; 






























































DERWENT;
















S45 


2 


"insert lock" and 


"delete lock" 




IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


OR 






ON 


2004/06/25 14:06 




"insert lock" and 
directory) ; 


(manag$3 wit 


US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB


2004/06/25 14:07
S47
S48 


4 

359 


"insert lock" and directory 

lock with (insert$3 or creat$3 or
add$3) with (files or director$3)


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 

IBM_TDB 

US-PGPUB; 
USPAT; 
EPO; JPO; 


OR 
OR 


ON


2004/06/25 14:07
2004/06/25 14:28












DERWENT; 
IBM TDB 










S49 


209 


(lock with (insert$3 or creat$3 or 
add$3) with (files or director$3)) 
and director$3 


US-PGPUB; 

USPAT;

EPO; JPO; 

DERWENT; 

IBM.TDB 


OR 


ON 


2004/06/25 14:28 


S50 




36 


((lock with (insert$3 or creat$3 or
add$3) with (files or director$3))
and director$3) and (distribut$3
with file with system)

(((lock with (insert$3 or creat$3 or 
add$3) with (files or director$3)) 
and director$3) and (distribut$3 
with file with system)) and 
serverless 

: ->'09236366^ ; :^ ^ 


US-PGPUB; 
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;




ON 


2004/06/25 14:28 


S51 

S52 


14


OR


ON
ON


2004/06/25 17:07 












USPAT;
EPO; JPO;
DERWENT; 
















































S58 

2

225


("6029168").PN. 
delegat$3 with certificate 






IBM_TDB

US-PGPUB;
USPAT;
USOCR;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO; 


OR 
OR 


OFF 
ON 


2004/06/23 19:47 
2005/02/08 15:41 


S60 
S61 


2 


S59 and (hierarch$4 with 
namespace) 






DERWENT; 
IBM_TDB

US-PGPUB;
USPAT;
EPO; JPO;
DERWENT;
IBM_TDB 


OR 
OR 




ON 


2005/02/08 15:42 


113 


S59 and (digital$2 with sign$3)


US-PGPUB;
USPAT;


2005/02/08 15:43




























































EPO; JPO;






































DERWENT; 
IBM_TDB













































Search History 10/28/2005 7:49:14 PM Page 8 

C:\Documents and Settings\mnguyen5\My Documents\EAST\Workspaces\10005629.wsp 



Ref 
# 


Hits 


Search Query 


DBs 


Default 
Operator 


Plurals 


Time Stamp 


L26


13 


(("5909540") or ("5915096") or 
("5950198") or ("5991414") or 
("6160552") or ("6738797") or 
("6766367") or ("6098079") or


USPAT;
USOCR;


OR 


OFF 


2005/10/28 20:24 




L27 

0


("6167449") or ("6263348") or 
("6370547") or ("6405315") or 
("6718360")).PN. 

26 and delegate 

26 and certificate


US-PGPUB; 

USPAT; 

USOCR; 

EPO; JPO; 

DERWENT; 

IBM_TDB 

US-PGPUB; 
USPAT;
USOCR;
EPO; JPO;
DERWENT;
IBM_TDB

US-PGPUB; 

USPAT; 

USOCR; 

EPO; JPO; 

DERWENT; 

IBM_TDB 


OR 
OR 


ON 
ON 




2005/10/28 20:25

2005/10/28 20:24




L29 


0 


26 and delegation


OR 


ON 




2005/10/28 20:25
S62
S63 


22 

S61 and namespace

S62 and (computer$1 with
hierarch$4) 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 

US-PGPUB; 
USPAT; 
EPO; JPO; 


OR
OR


ON


2005/10/28 19:46 
2005/10/28 19:46 


S64 



20 

3 


S62 and hierarch$4 

(delegat$3 with certificate) and
(delegat$3 with tree)


DERWENT; 
IBM TDB 

US-PGPUB; 
USPAT;

1 A calculus for access control in distributed systems

Martin Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin 

September 1993 ACM Transactions on Programming Languages and Systems 

(TOPLAS), Volume 15 Issue 4 

Publisher: ACM Press 


We study some of the concepts, protocols, and algorithms for access control in distributed 
systems, from a logical perspective. We account for how a principal may come to believe 
that another principal is making a request, either on his own or on someone else's behalf. 
We also provide a logical language for access control lists and theories for deciding
whether requests should be granted. 



Keywords: cryptographic protocols, cryptography, modal logic

December 1993 ACM SIGOPS Operating Systems Review, Proceedings of the fourteenth ACM symposium on Operating systems principles SOSP '93, Volume 27 Issue 5

Publisher: ACM Press 


We describe a design and implementation of security for a distributed system. In our 
system, applications access security services through a narrow interface. This interface 
provides a notion of identity that includes simple principals, groups, roles, and 
delegations. A new operating system component manages principals, credentials, and 
secure channels. It checks credentials according to the formal rules of a logic of 
authentication. Our implementation is efficient enough to support a substantia ... 

Authentication in the Taos operating system 

Edward Wobber, Martin Abadi, Michael Burrows, Butler Lampson 

February 1994 ACM Transactions on Computer Systems (TOCS), Volume 12 Issue 1

Publisher: ACM Press 


We describe a design for security in a distributed system and its implementation. In our 
design, applications gain access to security services through a narrow interface. This 
interface provides a notion of identity that includes simple principals, groups, roles, and
delegations. A new operating system component manages principals, credentials, and
secure channels. It checks credentials according to the formal rules of a logic of 
authentication. Our implementation is efficient enough to sup ... 

Keywords: cryptography, mathematical logic 



4 Decentralized storage systems: Farsite: federated, available, and reliable storage for an incompletely trusted environment

Atul Adya, William J. Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R. 
Douceur, Jon Howell, Jacob R. Lorch, Marvin Theimer, Roger P. Wattenhofer 
December 2002 ACM SIGOPS Operating Systems Review, Volume 36 Issue SI
Publisher: ACM Press 


Farsite is a secure, scalable file system that logically functions as a centralized file server 
but is physically distributed among a set of untrusted computers. Farsite provides file 
availability and reliability through randomized replicated storage; it ensures the secrecy of 
file contents with cryptographic techniques; it maintains the integrity of file and directory 
data with a Byzantine-fault-tolerant protocol; it is designed to be scalable by using a 
distributed hint mechanism and delegatio ... 

5 Some thoughts on agent trust and delegation
Yuh-Jong Hu

May 2001 Proceedings of the fifth international conference on Autonomous agents
Publisher: ACM Press 


In this paper, we are going to show how to build up agent-oriented Public Key 
Infrastructure(PKI) from SPKI/SDSI and X.509 standards. A variety of delegation 
mechanisms for agents will be demonstrated under this agent-oriented PKI. The 
mechanisms include: chain-ruled, threshold, and conditional. The lack of agent security 
management standards did not allow us to do the agent trust and delegation in legalized 
manner so we proposed several new communicative acts to satisfy our agent delegatio ... 

6 Mobile and Cooperative Systems: An authorization infrastructure for nomadic computing
Kan Zhang, Tim Kindberg

June 2002 Proceedings of the seventh ACM symposium on Access control models and technologies
Publisher: ACM Press 


We present an infrastructure for flexible and secure access to a group of distributed 
services in a nomadic computing environment, wherein users access local services from 
their mobile, wirelessly connected devices. We describe a secure hand-off protocol, which 
allows a user to register with a single service that hands off authorization to access a 
subset of the services. Our protocol helps maintain the user's privacy. It allows the 
services (which may be implemented on simple appliances) and ... 

Keywords: access control, authorization, mobile computing, nomadic computing, 
ubiquitous computing

Security functions for a file repository
Arne Helme, Tage Stabell-Kulo

April 1997 ACM SIGOPS Operating Systems Review, Volume 31 Issue 2
Publisher: ACM Press 


When personal machines are incorporated into distributed systems a new mixture of 
threats is exposed. The security effort in the MobyDick project is aimed at understanding 
how privacy can be protected in this new environment. Our claim is that a two-step 
process for authentication and authorisation is required, but also sufficient. The research 
vehicle is a distributed file repository. 

Longhua Zhang, Gail-Joon Ahn, Bei-Tseng Chu 

August 2003 ACM Transactions on Information and System Security (TISSEC), Volume 6 Issue 3
Publisher: ACM Press 


Delegation is the process whereby an active entity in a distributed environment authorizes 
another entity to access resources. In today's distributed systems, a user often needs to 
act on another user's behalf with some subset of his/her rights. Most systems have 
attempted to resolve such delegation requirements with ad-hoc mechanisms by 
compromising existing disorganized policies or simply attaching additional components to 
their applications. Still, there is a strong need in the large, distrib ... 

Keywords: Role, access control, delegation, revocation, rule-based

Sye Loong Keoh, Emil Lupu

October 2002 Proceedings of the second ACM international workshop on Principles of 
mobile computing 

Publisher: ACM Press 


Ad-hoc networks facilitate interconnectivity between mobile devices without the support 
of a network infrastructure. In this paper we propose a flexible credential verification 
mechanism, which improves the likelihood that participants in an ad-hoc network can 
verify each other's credentials despite the lack of access to certification and attribute 
authorities. Users maintain Credential Assertion Statements (CASs), which are formed 
through extraction of X.509 and attribute certificates into an i ...

Keywords: authentication, credential verification, security, trust

Longhua Zhang, Gail-Joon Ahn, Bei-Tseng Chu

May 2001 Proceedings of the sixth ACM symposium on Access control models and
Publisher: ACM Press

In current role-based systems, security officers handle assignments of users to roles.
However, fully depending on this functionality may increase management efforts in a
distributed environment because of the continuous involvement from security officers. The
emerging technology of role-based delegation provides a means for implementing RBAC in 
a distributed environment with empowerment of individual users. The basic idea behind a 
role-based delegation is that users themselves may delegate ... 

Keywords: access control, delegation, role, rule-based

Thomas Y. C. Woo, Simon S. Lam

December 1993 Proceedings of the 1st ACM conference on Computer and communications security
Publisher: ACM Press 




13 Authentication in distributed systems: theory and practice
Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber

September 1991 ACM SIGOPS Operating Systems Review, Proceedings of the thirteenth ACM symposium on Operating systems principles SOSP '91, Volume 25 Issue 5

Publisher: ACM Press 


We describe a theory of authentication and a system that implements it. Our theory is 
based on the notion of principal and a "speaks for" relation between principals. A simple 
principal either has a name or is a communication channel; a compound principal can 
express an adopted role or delegation of authority. The theory explains how to reason 
about a principal's authority by deducing the other principals that it can speak for; 
authenticating a channel is one important application. We use the th ...

G. Navarro, J. Borrell, J. A. Ortega-Ruiz, S. Robles

July 2005 Proceedings of the fourth international joint conference on Autonomous agents and multiagent systems AAMAS '05
Publisher: ACM Press 


Mobile agent systems provide new perspectives for distributed e-commerce applications. 
Sea-of-Data (SoD) applications are those that need to process huge quantities of 
distributed data. They present specific restrictions, which make mobile agent systems one 
of the most feasible technologies to implement them. In this paper we propose a 
mechanism to safely assign roles to mobile agents and an access control method based in 
Role-based Access Control (RBAC). The access control method provide ... 

Keywords: SPKI, access control, mobile agents, security 



15 Access control policy implementation: On the role of roles: from role-based to role-sensitive access control
Xuhui Ao, Naftaly H. Minsky

June 2004 Proceedings of the ninth ACM symposium on Access control models and 
technologies 

Publisher: ACM Press 


This paper maintains that for an access-control (AC) mechanism to support a wide range
of policies, it is best to dispense with any built-in semantics for roles in the mechanism
itself—be it the semantics of RBAC, or any other—leaving such semantics to be defined
by particular policies. In other words, an AC mechanism should be sensitive to roles,
allowing specific policies to take roles into account for their authorization decisions. But it
should not be based on any particular interpretation of t ...

Keywords: access control policy specification and decentralized enforcement, law-governed interaction, role-based access control, security



16 Next generation access control models: Implementing access control to people location information
Urs Hengartner, Peter Steenkiste

June 2004 Proceedings of the ninth ACM symposium on Access control models and 
technologies 

Publisher: ACM Press 


Ubiquitous computing uses a variety of information for which access needs to be 
controlled. For instance, a person's current location is a sensitive piece of information,
which only authorized entities should be able to learn. Several challenges arise in the 
specification and implementation of policies controlling access to location information. For 
example, there can be multiple sources of location information, the sources can be within 
different administrative domains, different administrative ... 

Keywords: certificates, delegation, dsa, location, rsa, spki/sdsi, trust 



17 Authentication and signature schemes: Origin authentication in interdomain routing
William Aiello, John Ioannidis, Patrick McDaniel

October 2003 Proceedings of the 10th ACM conference on Computer and 
communications security 

Publisher: ACM Press 


Attacks against Internet routing are increasing in number and severity. Contributing 
greatly to these attacks is the absence of origin authentication: there is no way to 
validate claims of address ownership or location. The lack of such services enables not 
only attacks by malicious entities, but indirectly allow seemingly inconsequential 
misconfigurations to disrupt large portions of the Internet. This paper considers the
semantics, design, and costs of origin authentication in interdomai ... 

Keywords: BGP, address management, delegation, routing, security 



18 Agents, interactions, mobility and systems: Certificates for mobile code security
Hock Kim Tan, Luc Moreau

March 2002 Proceedings of the 2002 ACM symposium on Applied computing
Publisher: ACM Press 


The problem of protecting mobile code from malicious hosts is an important security 
issue, for which many solutions have been proposed. We describe a method to adapt an 
existing technique, execution tracing, to enhance its flexibility in deployment for a large 
scale mobile agent system. This is achieved through the introduction of a trusted third 
party, the verification server, which undertakes the verification of execution traces on 
behalf of the platform launching the agent. The server constru ... 

Keywords: mobile agent certificates, mobile agent security, mobile agent security 
framework

Publisher: ACM Press

We give goal-oriented algorithms for discovering credential chains in RT0, a role-based
trust-management language introduced in this paper. The algorithms search credential
graphs, a representation of RT0 credentials. We prove that evaluation based on
reachability in credential graphs is sound and complete with respect to the set-theoretic
semantics of RT0. RT0 is more expressive than SDSI 2.0, so our algorithms can
perform ...

20 Position papers: An open architecture for secure interworking services
Richard Hayton, Ken Moody

September 1996 Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications
Publisher: ACM Press 


There is a developing need for applications and distributed services to cooperate or
inter-operate. Current mechanisms can hide the heterogeneity of host operating systems and
abstract the issues of distribution and object location. However, in order for systems to
inter-operate securely there must also be ways to hide differences in security policies, or
at least to support negotiation between them. Other proposals for the interworking of
security mechanisms have focussed on the ...